iTP Secure WebServer System Administrator's Guide (iTPWebSvr 6.0+)
Using NonStop Servlets for JavaServer Pages
(NSJSP)
iTP Secure WebServer System Administrator’s Guide—523346-002
9-46
Reserved Cookie Name
Reserved Cookie Name
The cookie name "JSESSIONID" is reserved for internal use. According to the Servlet
API 2.2 the name of the session tracking cookie must be "JSESSIONID" and the
name of the session tracking parameter used in the URL rewriting must be
"jsessionid".
Changes from Servlet Version 2.0 to 2.2
If you are migrating from a previous release of Java servlets such as 2.0, you should
check the 2.2 API spec to ensure that any methods or interfaces you have used in the
past have not been deprecated. The following lists contain the changes we have made:
Deprecated Interfaces
•
javax.servlet.http.HttpSessionContext was removed for security reasons
Deprecated Methods
•
javax.servlet.ServletContext.getServlet(String) was potentially unsafe
•
javax.servlet.ServletContext.getServletNames() makes no sense without
getServlet
•
javax.servlet.http.HttpSession.getSessionContext()
(HttpSessionContext is deprecated)
The following methods have been deprecated in the API standard.
•
javax.servlet.ServletContext.log(Exception, String)
Use log(String, Throwable) instead
•
javax.servlet.ServletRequest.getRealPath(String)
Use ServletContext.getRealPath instead
•
javax.servlet.http.HttpServletRequest.isRequestedSessionId
FromUrl
Use isRequestedSessionIdFromURL instead)
•
javax.servlet.http.HttpServletResponse.encodeRedirectUrl(String)
Use encodeRedirectURL instead
•
javax.servlet.http.HttpServletResponse.encodeUrl(String)
Use encodeURL instead